CVE-2012-5627

Oracle MySQL 5.5.0-5.5.28 & MariaDB 5.2.0-5.2.13 - Brute Force via Insufficient Salt Rotation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5627. PoCs published by kingcope.

AI-analyzed exploit summary This exploit leverages a security-bypass weakness in MySQL and MariaDB to aid in brute-force attacks by scrambling passwords and executing authentication commands. It reads passwords from stdin and tests them against a target MySQL server.

Description

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

Exploits (1)

exploitdb WORKING POC VERIFIED

by kingcope · perlremotelinux

https://www.exploit-db.com/exploits/38109

View Code ZIP pw:eip

This exploit leverages a security-bypass weakness in MySQL and MariaDB to aid in brute-force attacks by scrambling passwords and executing authentication commands. It reads passwords from stdin and tests them against a target MySQL server.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: MySQL and MariaDB (versions affected by CVE-2012-5627)

No auth needed

Prerequisites: Network access to the target MySQL/MariaDB server · Valid username to brute-force

MITRE ATT&CK